Zeljka Zorz
Cybersecurity issues can’t be solved by simply buying a product
Year after year, data breach losses continue to rise and the cybercrime economy continues to thrive. What is the cybersecurity industry doing wrong? Vendors must genuinely …
Google’s differential privacy library can now be used by anyone
Google has open-sourced a differential privacy library that helps power some of its core products. What it differential privacy? Differential privacy is a method for analyzing …
Firefox now blocks third-party tracking cookies, cryptomining scripts by default
It took a lot of testing and tweaking, but Mozilla’s Firefox browser is finally being delivered with Enhanced Tracking Protection and a web-based cryptomining blocking …
BMC vulnerabilities in Supermicro servers allow remote takeover, data exfiltration attacks
A slew of vulnerabilities affecting the baseboard management controllers (BMCs) of Supermicro servers could be exploited by remote attackers to gain access to corporate …
Attackers are exploiting vulnerable WP plugins to backdoor sites
A group of attackers that has been injecting WordPress-based sites with a script redirecting visitors to malicious and fraudulent pages has now also started backdooring the …
How to reduce the attack surface associated with medical devices
As the number of connected medical devices continues to rise, so does healthcare organizations’ attack surface. “Most medical devices available in the healthcare system today …
Google discovers websites exploiting iPhones, pushing spying implants en masse
Unidentified attackers have been compromising websites for nearly three years, equipping them with exploits that would hack visiting iPhones without any user interaction and …
Google will pay for data abuse reports related to popular Android apps, Chrome extensions
Google is expanding the Google Play Security Reward Program (GPSRP) to include all apps in Google Play with 100 million or more installs, and is launching a new Developer Data …
CISO priorities: Implementing security from the get-go
Dr. David Brumley, CEO of ForAllSecure, a Carnegie Mellon computer science professor (on leave), and part of the team that won the DARPA Cyber Grand Challenge, was, at one …
What can be done about the rising click interception threat?
Ad networks’ increasingly successful efforts to detect bot-based ad click fraud has forced attackers to focus more on intercepting and redirecting legitimate users’ …
Imperva discloses security incident affecting Cloud WAF customers
Imperva, the well-known California-based web application security company, has announced that it has suffered a “security incident” involving its Cloud Web …
GitHub announces wider array of 2FA options, including security keys and biometrics
GitHub has started supporting the Web Authentication (WebAuthn) web standard, allowing users to use security keys for two-factor authentication with a wide variety of browsers …